<?php
########################################################
# DMS Donations Management System v1.0                 #
# created by:  Isaac Sabas                             #
#			   Nikko Reyes							   #
#			   Miko Tiamwatt						   #
#                                                      #
# De La Salle Philippines                              #
# All Rights Reserved DLSP Copyright 2009              #
########################################################

# INFORMATION:
# DonationHandle.php 
# 	- this is the class that handles the connection of the donation ticket window to the database
#	- all MODIFY, SELECT, and DELETE functions are housed in this class
# 	
# FUNCTION INFORMATION:
#	1. CONSTRUCTOR:
#		- sets up the database connection
#	2. LOAD INFORMATION DATA:
#		a. getDonation (donationId) - returns all the data fields of a particular donation
#		b. getAllClientDonation (clientId) - returns all the donations and its data fields of a particular client
#		c. getForPickupDonations (dateTime) - returns all the pickup donations of a particular time
#		d. getAgentPickupDonation (dateTime, agentId) - returns all the for pickup donations of a particular agent. can be used for generating the pickup reminder list for the agent
#	3. STORE DATA:
#		a. addNewDontation (valuesArray, accountId, clientId, ticketId) - creates a new donation for a particular client
# 		b. addFollowUp (valuesArray, clientId) - add the client to the followup list
# 	4. MODIFY DATA:
#		a. completeDonation (donationId) - changes the status of the donation ticket as complete
# 		b. closeDonationTicket (donationId) - changes the status of the donation ticket as close
#		c. cancelDonationTicket (donationId) - changes the status of the donation ticket as cancelled
# 		d. reschedulePickup (donationId, dateTime) - reschedules the pickup date of a particular on-going donation
#

class DonationHandle{
# FOR CLASS MANAGEMENT #
# 	The following variables are set to uppercase. This means that they are    
#	class monitoring variables.		

	# FOR DETERMINING THAT THE CLASS HAS ALREADY BEEN INSTANTIATED #
	# boolean variable [ value is NULL when class has not been instantiated ]
		private $CLASS_INSTANTIATED = NULL;								              

	# CLASS MESSAGE_HANDLE HOLDER #
	# handles the error and notification messages of the class to notify the user 
	# to capture all SQL and system error, notifications and logs 
		public $MESSAGE_HANDLE = NULL;

	# DB_HANDLE INSTANCE HOLDER #
	# database connection handler [ MYSQL ]
	# instance of the database handle is placed here for the system to use the database with ease 
		public $DB_HANDLE = NULL;
		
# DONATION VARIABLES #
# the ticket variables represent the data fields of the database itself
	private $donationArray;
	
# CLASS CONSTANT VARIABLES #
# this is for class management purposes
	private $errorArray = array("DB_NOTCONNECTED" => "Not connected to database.",
							    "DB_QUERYERROR" => "Problem with query",
							    "DB_INVALIDFIELD" => "Invalid field being accessed."
							   );
	
	# donation statuses:
	# 0 = start
	# 1 = on-going
	# 2 = cancelletion
	# 3 = closed
	# 4 = complete
	
	
#####################################
# DONATION HANDLE CLASS CONSTRUCTOR #
#####################################
	public function DonationHandle(){
		# include the needed / required library
			require_once('DBHandle.php');
		# instantiate the DBHandle and assign it to the class attribute DB_HANDLE	
			$databaseConnection = new DBHandle();
			$this->DB_HANDLE = $databaseConnection->DB_HANDLE;
	}	

##############################	
# LOAD SYSTEM DATA FUNCTIONS #	
##############################			
	
	public function getDonation ($donationId) {
		# check if the DB_HANDLE has connected to the database
			/*if ($this->DB_HANDLE == NULL) {
				return $errorArray['DB_NOTCONNECTED'];
			}
			else {*/
				# protection against SQL injection, add slashes to escape all escape characters
					$donationId = addslashes($donationId);
				# prepare the statement
					$statement = "SELECT * FROM ticket_donations WHERE donation_id = '$donationId'";
				# query & check if error has occured
					if(!$result = mysql_query($statement)) {
						return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:getDonation]';
					}
					else {
						# debugging purposes <remove on production>	
							//echo "got it";
					
						# get the entry values
							$resultArray = mysql_fetch_assoc($result);
								
						# return the values											
							return $resultArray;
					}		
			//}
	}
	
	public function getAllClientDonations ($clientId) {
		# check if the DB_HANDLE has connected to the database
			/*if ($this->DB_HANDLE == NULL) {
				return $errorArray['DB_NOTCONNECTED'];
			}
			else {*/
				# protection against SQL injection, add slashes to escape all escape characters
					$clientId = addslashes($clientId);
				# prepare the statement
					$statement = "SELECT ticket_id FROM ticket_donations WHERE client_id = '$clientId'";
				# query & check if error has occured
					if(!$result = mysql_query($statement)) {
						return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:getAllClientDonations]';
					}
					else {
						# debugging purposes <remove on production>	
							//echo "got it";
					
						# get the entry values
							while ($row = mysql_fetch_assoc($result)){ 
								$resultArray[] = $row; 
							}
						# return the values											
							return $resultArray;
					}		
			//}
	}
	
	public function getForPickupDonations ($dateTime) {
		# check if the DB_HANDLE has connected to the database
			/*if ($this->DB_HANDLE == NULL) {
				return $errorArray['DB_NOTCONNECTED'];
			}
			else {*/
				# protection against SQL injection, add slashes to escape all escape characters
					$dateTime = addslashes($dateTime);
				# prepare the statement
					$statement = "SELECT donation_id FROM ticket_donations WHERE donation_pickupdate = '$dateTime' AND donation_status = 1";
				# query & check if error has occured
					if(!$result = mysql_query($statement)) {
						return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:getForPickupDonations]';
					}
					else {
						# debugging purposes <remove on production>	
							//echo "got it";
					
						# get the entry values
							while ($row = mysql_fetch_assoc($result)){ 
								$resultArray[] = $row; 
							}
						# return the values											
							return $resultArray;
					}		
			//}
	}
	
	# can be used for generating the pickup reminder list for the agent
	public function getAgentPickupDonation ($dateTime, $agentId) {
		# check if the DB_HANDLE has connected to the database
			/*if ($this->DB_HANDLE == NULL) {
				return $errorArray['DB_NOTCONNECTED'];
			}
			else {*/
				# protection against SQL injection, add slashes to escape all escape characters
					$dateTime = addslashes($dateTime);
					$agentId = addslashes($agentId);
				# prepare the statement
					$statement = "SELECT donation_id FROM ticket_donations WHERE donation_pickupdate = '$dateTime' AND agent_id = '$agentId' AND donation_status = 1";
				# query & check if error has occured
					if(!$result = mysql_query($statement)) {
						return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:getAgentPickupDonation]';
					}
					else {
						# debugging purposes <remove on production>	
							//echo "got it";
					
						# get the entry values
							while ($row = mysql_fetch_assoc($result)){ 
								$resultArray[] = $row; 
							}
						# return the values											
							return $resultArray;
					}		
			//}
	}	


###############################	
# STORE SYSTEM DATA FUNCTIONS #	
###############################	

	# the store functions stores the values to the class' attributes and then connects to the database to store the value
	# it is already assumed that the script that will provide the necessary input validation and error checking
	# the only security the setters provide is the addslashes() function to protect SQL injection from happening
	
		public function addNewDonation ($valuesArray, $agentId, $clientId, $ticketId) {
			# check if the DB_HANDLE has connected to the database
				/*if ($this->DB_HANDLE == NULL) {
					return $errorArray['DB_NOTCONNECTED'];
				}
				else {	*/	
					# prepare the statement 
						$statement = "INSERT INTO ticket_donations (				
								agent_id,
								client_id,
								ticket_id,
								donation_preferredmodeofpayment,
								donation_recurrenceofpayment,
								donation_category,
								donation_amountpledged,
								donation_amountcollected,
								donation_time,
								donation_update,
								donation_status,
								donation_pickupdate
							) 
							VALUES (
								'{$agentId}',
								'{$clientId}',
								'{$ticketId}',
								'{$valuesArray['donation_preferredmodeofpayment']}',
								'{$valuesArray['donation_recurrenceofpayment']}',
								'{$valuesArray['donation_category']}',
								'{$valuesArray['donation_amountpledged']}',
								'{$valuesArray['donation_amountcollected']}',
								'{$valuesArray['donation_time']}',
								'{$valuesArray['donation_update']}',
								'{$valuesArray['donation_status']}',
								'{$valuesArray['donation_pickupdate']}'
							)";
						
					# query & check if error has occured
						if(!$query = mysql_query($statement)) {
							return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:addNewDonation]';
						}
						else {								
							# debugging purposes <remove on production>	
								//echo "updated the database";
				
							# return the values				
								return mysql_insert_id();
						}	
				//}
		}
		
#########################
# MODIFY DATA FUNCTIONS #
#########################

		# the complete donation ticket changes the status of the donation into complete (which is '4' in numerical value)		
		public function completeDonation ($donationId) {
			# check if the DB_HANDLE has connected to the database
				/*if ($this->DB_HANDLE == NULL) {
					return $errorArray['DB_NOTCONNECTED'];
				}
				else {	*/	
					# check if the donated amount is equivalent or more than the pledged amount
						$valuesArray = $this->getDonation($donationId);
						if ((int)$valuesArray['donation_amountcollected'] >= (int)$valuesArray['donation_amountpledged']) {
							$donationId = addslashes($donationId);
							# prepare the statement
								$statement = "UPDATE ticket_donations SET donation_status = '4' WHERE donation_id = '$donationId'";
							# query & check if error has occured
								if(!$query = mysql_query($statement)) {
									return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:completeDonation]';
								}
								else {
									# debugging purposes <remove on production>	
										echo "updated the database";
										
									# return the values											
										return true;
								}
						}
						else {
							echo 'no update';
							return false;
						}
				//}		
		}
		
		# the close donation ticket changes the status of the donation into close (which is '3' in numerical value)		
		public function closeDonationTicket ($donationId) {
			# check if the DB_HANDLE has connected to the database
				/*if ($this->DB_HANDLE == NULL) {
					return $errorArray['DB_NOTCONNECTED'];
				}
				else {	*/	
					$donationId = addslashes($donationId);
					# prepare the statement
						$statement = "UPDATE ticket_donations SET donation_status = '3' WHERE donation_id = '$donationId'";
					# query & check if error has occured
						if(!$query = mysql_query($statement)) {
							return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:closeDonationTicket]';
						}
						else {
							# debugging purposes <remove on production>	
								//echo "updated the database";
				
							# return the values											
								return true;
						}
				//}		
		}
		
		# the cancel donation ticket changes the status of the donation into cancel (which is '2' in numerical value)		
		public function cancelDonationTicket ($donationId) {
			# check if the DB_HANDLE has connected to the database
				/*if ($this->DB_HANDLE == NULL) {
					return $errorArray['DB_NOTCONNECTED'];
				}
				else {		*/
					$donationId = addslashes($donationId);
					# prepare the statement
						$statement = "UPDATE ticket_donations SET donation_status = 2 WHERE donation_id = '$donationId'";
					# query & check if error has occured
						if(!$query = mysql_query($statement)) {
							return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:cancelDonationTickets]';
						}
						else {
							# debugging purposes <remove on production>	
								//echo "updated the database";
				
							# return the values											
								return true;
						}
				//}		
		}
		
		public function reschedulePickup ($donationId, $dateTime) {
			# check if the DB_HANDLE has connected to the database
				/*if ($this->DB_HANDLE == NULL) {
					return $errorArray['DB_NOTCONNECTED'];
				}
				else {	*/	
					$dateTime = addslashes($dateTime); // the addslashes is for SQL injection protection
					$donationId = addslashes($donationId);
					# prepare the statement
						$statement = "UPDATE ticket_donations SET donation_pickupdate = '$dateTime' WHERE donation_id = '$donationId'";
					# query & check if error has occured
						if(!$query = mysql_query($statement)) {
							return $errorArray['DB_QUERYERROR'] . ' -[DonationHandle:reschedulePickup]';
						}
						else {
							# debugging purposes <remove on production>	
								//echo "updated the database";
				
							# return the values											
								return true;
						}
				//}	
		}
}	
?>
